EP2279502B1 - Nfc mobile communication device and nfc reader - Google Patents

Nfc mobile communication device and nfc reader Download PDF

Info

Publication number
EP2279502B1
EP2279502B1 EP09750221.5A EP09750221A EP2279502B1 EP 2279502 B1 EP2279502 B1 EP 2279502B1 EP 09750221 A EP09750221 A EP 09750221A EP 2279502 B1 EP2279502 B1 EP 2279502B1
Authority
EP
European Patent Office
Prior art keywords
mobile communication
communication device
mifare
nfc
operating system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
EP09750221.5A
Other languages
German (de)
French (fr)
Other versions
EP2279502A2 (en
Inventor
Alexandre Corda
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NXP BV
Original Assignee
NXP BV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to EP08104008 priority Critical
Application filed by NXP BV filed Critical NXP BV
Priority to PCT/IB2009/051982 priority patent/WO2009141764A2/en
Priority to EP09750221.5A priority patent/EP2279502B1/en
Publication of EP2279502A2 publication Critical patent/EP2279502A2/en
Application granted granted Critical
Publication of EP2279502B1 publication Critical patent/EP2279502B1/en
Application status is Active legal-status Critical
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06KRECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10237Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves the reader and the record carrier being capable of selectively switching between reader and record carrier appearance, e.g. in near field communication [NFC] devices where the NFC device may function as an RFID reader or as an RFID tag
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06KRECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10297Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for handling protocols designed for non-contact record carriers such as RFIDs NFCs, e.g. ISO/IEC 14443 and 18092
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Use of a security embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0853Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/08Access security

Description

  • The invention relates to a mobile communication device with Near Field Communication (NFC) capabilities, being operated by an operating system, such as a JAVA operating system, wherein the operating system is able to store and start software applications which are installed in the mobile communication device:and are identifiable by application identifications.
  • The invention further relates to an RFID reader adapted to access a MIFARE portion of a secure memory device, which MIFARE portion comprises a plurality of memory sectors.
  • WO2008/007260 discloses a mobile device, e.g. a cellular phone, having an NFC interface.
  • The MIFARE® classic family, developed by NXP Semiconductors is the pioneer and front runner in contactless smart card ICs operating in the 13.56 MHz frequency range with read/write capability. MIFARE® is a trademark of NXP Semiconductors. MIFARE complies with ISO14443 A, which is used in more than 80% of all contactless smart cards today. The technology is embodied in both cards and card reader devices. MIFARE cards are being used in an increasingly broad range of applications (including transport ticketing, access control, e-payment, road tolling, and loyalty applications). MIFARE Standard (or Classic) cards employ a proprietary high-level protocol with a proprietary security protocol for authentication and ciphering. MIFARE® technology has become a standard for memory devices with key-protected memory sectors. One example for a published product specification of MIFARE® technology is the data sheet "MIFARE® Standard Card IC MF1 IC S50 - Functional Specification" (1998). MIFARE® technology is also discussed in: Klaus Finkenzeller, "RFID Handbuch", HANSER, 3rd edition (2002).
  • The MIFARE Classic cards are fundamentally just memory storage devices, where the memory is divided into sectors and blocks with simple security mechanisms for access control. Each device has a unique serial number. Anticollision is provided so that several cards in the field may be selected and operated in sequence.
  • The MIFARE Standard 1k offers about 768 bytes of data storage, split into 16 sectors with 4 blocks of 16 bytes each (one block consists of 16 bytes); each sector is protected by two different keys, called A and B. They can be programmed for operations like reading, writing, increasing value blocks, etc.. The last block of each sector is called "trailer", which contains two secret keys (A and B) and programmable access conditions for each block in this sector. In order to support multi-application with key hierarchy an individual set of two keys (A and B) per sector (per application) is provided.
  • The memory organization of a MIFARE Standard 1k card is shown in Fig. 1. The 1024 X 8 bit EEPROM memory is organized in 16 sectors with 4 blocks of 16 bytes each. The first data block (block 0) of the first sector (sector 0) is the manufacturer block which is shown in detail in Fig. 2. It contains the serial number of the MIFARE card that has a length of four bytes (bytes 0 to 3), a check byte (byte 4) and eleven bytes of IC manufacturer data (bytes 5 to 15). The serial number is sometimes called MIFARE User IDentification (MUID) and is a unique number. Due to security and system requirements the manufacturer block is write protected after having been programmed by the IC manufacturer at production. However, the MIFARE specification allows to change the serial number during operation of the MIFARE card, which is particularly useful for MIFARE emulation cards like SmartMX cards.
  • SmartMX (Memory extension) is a family of smart cards that have been designed by NXP Semiconductors for high-security smart card applications requiring highly reliable solutions, with or without multiple interface options. Key applications are e-government, banking / finance, mobile communications and advanced public transportation.
  • The ability to run the MIFARE protocol concurrently with other contactless transmission protocols implemented by the User Operating System enables the combination of new services and existing applications based on MIFARE (e.g. ticketing) on a single Dual Interface controller based smart card. SmartMX cards are able to emulate MIFARE Classic devices and thereby makes this interface compatible with any installed MIFARE Classic infrastructure. The contactless interface can be used to communicate via any protocol, particularly the MIFARE protocol and self defined contactless transmission protocols. SmartMX enables the easy implementation of state-of-the-art operating systems and open platform solutions including JCOP (the Java Card Operating System) and offers an optimized feature set together with the highest levels of security. JCOP is an IBM® implementation of the Java Card 2.2.1 and Global Platform 2.1.1 basic specifications. JCOP handles different applications which are called applets, e.g. credit card applications. JCOP provides authentication and encryption mechanisms. SmartMX incorporates a range of security features to counter measure side channel attacks like DPA, SPA etc.. A true anticollision method (acc. ISO/IEC 14443-3), enables multiple cards to be handled simultaneously.
  • It should be noted that the emulation of MIFARE Classic cards is not only restricted to SmartMX cards, but there may also exist other present or future smartcards being able to emulate MIFARE Classic cards.
  • Recently, mobile communication devices have been developed which contain smart cards like SmartMX cards. These mobile communication devices comprise e.g. mobile phones with Near Field Communication (NFC) capabilities, but are not limited to mobile phones.
  • Fig. 4 shows a schematic representation of a system comprising such a mobile communication device 3 with NFC capabilities configured as a mobile phone and being equipped with a secure memory device 2 configured as a SmartMX card. The secure memory device 2 comprises a first memory portion 2a configured as an emulated MIFARE memory, such as described with reference to Figs. 1 - 3, and a second memory portion 2b configured as a high-secure memory portion operated under a Java Operating System such as JCOP. The second memory portion 2b offers security features like authentication and encryption, whereas the first memory portion 2a is protected by keys. Both memory portions 2a, 2b are accessible by a combined RFID/NFC reader 1. When the mobile communication device 3 enters (see arrows A1) or exits the RF field 4 of the reader 1, or when a transaction has been done between the mobile communication device 3 and the reader 1 (e.g. between the reader 1 and the second memory portion 2b of the secure memory device 2, see arrow A2) according to prior art the mobile communication device's 3 NFC chip 5 triggers a hardware interruption INT. This interruption INT is the only link existing between the operating system J2ME, e.g. a Java Virtual Machine, of the mobile communication device 3 and the NFC chip 5 to enable the operating system J2ME to detect that something has happened at NFC level. If during this connection an action (arrow A2) has been done between the reader 1 and the second memory portion 2a, i.e. the SmartMX JCOP part, the NFC stack (arrow A3) retrieves the last application accessed by its application identification AID and sends a push event (arrow A4) to the Java Virtual Machine J2ME. The Java Virtual Machine J2ME will then check (arrow A5) if there is a so called MIDlet 6 which is a Java Mobile Application registered to this kind of the push event for this specific application identification AID and if there is one, it will start it. This kind of connection between the JCOP part 2b of the secure memory device 2 and the reader 1 is mainly used for payment and high-level security applications.
  • The problem with this known handling of communication between the operating system J2ME of the mobile communication device 3 and the secure memory device 2 is that it only works for the second memory portion 2b which is operated under Java, particularly JCOP, but does not work for the first memory portion 2a which is configured as a MIFARE memory, since the MIFARE standard does not provide for this kind of software communication. Therefore, in case of ticketing, access control or other applications which are typically located in the MIFARE part 2a of the secure memory device 2 there is no way to retrieve specific information and trigger a push event to start the associated application 6, as shown in the diagram of Fig. 5. After the hardware interruption INT has occurred, there is no way for the software J2ME in the mobile communication device 3 to retrieve which sector of the MIFARE part 2a of the secure memory device 2 has been accessed by the reader 1. Therefore, the software J2ME cannot start an appropriate MIDlet application 6. Therefore, a user of the mobile communication device 3 will get the impression that nothing happens even if he definitely knows that his mobile communication device 3 is within the range of the RF field 4 of the reader 1, e.g. if he is at an entrance gate and swipes his mobile communication device 3 closely at the reader 1. Since there is no possibility for an application 6 to show any messages about the access of the reader 1 to the MIFARE part 2a of the secure memory device 2 the user will believe assume that there is a malfunction.
  • It is an object of the invention to provide a mobile communication device of the type defined in the opening paragraph and an RFID reader of the type defined in the second paragraph, in which the disadvantages defined above are avoided.
  • In order to achieve the object defined above, with a mobile communication device according to the invention characteristic features are provided so that a mobile communication device according to the invention can be characterized in the way defined below, that is:
    • A mobile communication device with Near Field Communication capabilities, being operated by an operating system, such as a JAVA operating system, wherein the operating system is able to start software applications which are installed in the mobile communication device and are identifiable by application identifications, wherein the mobile communication device is equipped with a secure memory device, e.g. configured as a SmartMX card, which comprises at least a first memory portion configured as a MIFARE memory with a plurality of memory sectors, which sectors are protected against unauthorized access by sector keys, wherein the mobile communication device comprises NFC means, particularly an NFC chip, being adapted to trigger a hardware interruption when the first memory portion has been accessed by an external RFID reader, which hardware interruption is detected by the operating system and causes the operating system to access a pre-defined sector of the first memory portion of the secure memory device and to read information from said sector which has been previously written by the external RFID reader, which information is representative for an application identification, to retrieve and to start a software application associated to the application idenficiation.
  • In order to achieve the object defined above, with an RFID reader according to the invention characteristic features are provided so that an according to the invention can be characterized in the way defined below, that is:
    • An RFID reader being adapted to access a MIFARE portion of a secure memory device, which MIFARE portion comprises a plurality of memory sectors, wherein the RFID reader is configured to read data from sectors and to write data into sectors by transmitting the keys assigned to said sectors and the data, wherein the RFID reader is adapted to write information into a pre-defined sector of the MIFARE portion of the secure memory device, which information is representative for an application identification of a software application.
  • The present invention allows that a specific application within a mobile communication device is started when the MIFARE part of a secure memory device arranged in the mobile communication device is accessed from an external reader. This is an essential feature for all MIFARE mobile applications like ticketing, access control, transit and so on, since it allows to inform a user of any transactions occurred or the like.
  • The aspects defined above and further aspects of the invention are apparent from the exemplary embodiment to be described hereinafter and are explained with reference to this exemplary embodiment.
  • The invention will be described in more detail hereinafter with reference to an exemplary embodiment. However, the invention is not limited to this exemplary embodiment.
    • Fig. 1 shows the memory organization of a MIFARE Standard 1k EEPROM.
    • Fig. 2 shows the manufacturer block of a MIFARE memory.
    • Fig. 3 shows the sector trailer of a sector of MIFARE memory.
    • Fig. 4 and Fig. 5 show schematic representation of a mobile communication device with NFC capabilities and an RFID reader operated in a conventional manner.
    • Fig. 6 shows a schematic representation of a mobile communication device with NFC capabilities and an RFID reader operated according to the present invention.
  • Fig. 6 shows a schematic representation of a system comprising a mobile communication device 3 with NFC capabilities configured as a mobile phone and an RFID reader 1. The mobile communication device 3 comprises a processor (not shown in the drawing) for executing software being internally stored in the mobile communication device. The software comprises an operating system for carrying out and managing all functions of the mobile communication device 3. The operating system is a Java system comprising a Java Virtual Machine J2ME. The mobile communication device 3 has its NFC capabilities due to a built-in NFC chip 5.
  • Further, the mobile communication device 3 is equipped with a secure memory device 2 configured as a SmartMX card which has its own computational power and multiple interface options. The secure memory device 2 comprises a first memory portion 2a which is configured as an emulated MIFARE memory. Access to its contents which are stored in sectors is granted by keys, as has been explained in the introduction of this document. Data are written into the first memory portion 2a and read out from it by the reader 1 according to the general MIFARE specifications. There is neither encryption nor authentication provided, but the advantage of this standard MIFARE configuration of the first portion 2a of the secure memory device 2 is that its access procedures can easily be handled. This MIFARE memory portion 2a is particularly useful for storing NFC applications that do not represent very high monetary values, such as tickets, transport passes, etc. The secure memory device 2 comprises a second memory portion 2b which is configured as a high-secure memory portion operated under a Java Operating System such as JCOP. The second memory portion 2b offers security features like authentication and encryption. The second memory portion 2b is also accessible by the reader 1.
  • When the mobile communication device 3 enters (see arrows A1) the RF field 4 of the reader 1 a transaction A20 between the reader 1 and the MIFARE portion 2a can be carried out. However, in contrast to the conventional execution of the MIFARE transaction which has been described above with reference to Fig. 5, according to the present invention the reader 1 does not only carry out the transaction A20 (reading and/or writing) with the MIFARE portion 2a of the secure memory device 2, but additionally writes specific information in a pre-defined sector S of the MIFARE portion 2a, which specific information is representative for an application identification AID of one of the MIDlets 6 stored in the mobile communication device 3. When the NFC chip 5 realizes that the reader 1 has accessed the MIFARE portion 2a of the secure memory device 2, it generates the hardware interruption INT which causes the NFC stack of the operating system to wake up. According to the invention the NFC stack accesses the pre-defined sector S of the MIFARE portion 2a of the secure memory device 2 and reads (arrow A8) the information representative for an application identification AID, which has previously been written in by the reader 1.
  • Then, the NFC stack triggers a NFC push event with this retrieved application identification AID (arrow A4). The Java Virtual Machine J2ME is able to check if a MIDlet 6 which is associated to this retrieved application identification AID has been installed in the mobile communication device 3, and if so, starts this MIDlet 6 (arrow A5). Please note that the last step is a standard PUSH feature of said Java Virtual Machine J2ME. This MIDlet 6 will inform the user of the mobile communication device that an access to the MIFARE portion 2a of the secure memory device 2 has occurred, e.g. by showing a message in a display of the mobile communication device 3, or the like.
  • Examples of how to write specific data into a pre-defined sector of the MIFARE portion 2a are the following:
  • • Using non NDEF MIFARE compliant data
  • The MIFARE portion 2a of the secure memory device 2 SMARTMX is divided in x sectors containing 4 blocks of 16Bytes each. To use this feature, the reader 1 writes the specific information which is representative for an application identification AID in sector 0 block 1 to store a 16 bytes identification number.
  • • Using MIFARE NDEF compliant data
  • The following record can be used:
    • TYPE = ext:nxp.com
    • KEY = MIFAREPUSHAID
    • PAYLOAD = Application ID
  • The main focus of the present invention the OTA (Over the Air) provisioning of new services like ticketing, transit, access control and so on for mobile communication device 3 with NFC capabilities. It overcomes the severe disadvantage that hitherto there was no way to warn users of said mobile communication devices 3 when accesses to the MIFARE portion 2a of the secure memory devices had occurred.
  • It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design many alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps other than those listed in a claim. The indefinite article "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. In the device claim enumerating several means, several of these means may be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims (5)

  1. A mobile communication device (3) with Near Field Communication (NFC) capabilities, being operated by an operating system, such as a JAVA operating system (J2ME), wherein the operating system is able to start software applications (6) which are installed in the mobile communication device (3) and are identifiable by application identifications (AID), wherein the mobile communication device (3) is equipped with a secure memory device (2), e.g. configured as a SmartMX card, which comprises at least a first memory portion (2a) configured as a MIFARE memory with a plurality of memory sectors, which sectors are protected against unauthorized access by sector keys, wherein the mobile communication device (3) comprises NFC means, particularly an NFC chip (5), being adapted to trigger a hardware interruption (INT) when the first memory portion (2a) has been accessed by an external RFID reader (1), which hardware interruption (INT) is detected by the operating system (J2ME) and causes the operating system (J2ME) to access a pre-defined sector (S) of the first memory portion (2a) of the secure memory device (2) and to read information from said sector (S) which has been previously written by the external RFID reader (1), which information is representative for an application identification (AID), to retrieve and to start a software application (6) associated to the application idenficiation (AID).
  2. The mobile communication device (3) as claimed in claim 1, wherein retrieving and starting a software application (6) comprises generating a push event (A4) with the retrieved application identification (AID) which push event (A4) causes starting of the associated software application (6).
  3. The mobile communication device (3) as claimed in claim 1 or 2, wherein the software applications (6) comprise JAVA MIDlets.
  4. The mobile communication device (3) as claimed in claim 1, being configured as an NFC mobile phone.
  5. An RFID reader (1) being adapted to access a MIFARE portion (2a) of a secure memory device (2) in a mobile communication device (3); which MIFARE portion (2a) comprises a plurality of memory sectors, wherein the RFID reader (1) is configured to read data from sectors and to write data into sectors by transmitting the keys assigned to said sectors and the data, wherein the RFID reader (1) is adapted to write information into a pre-defined sector (S) of the MIFARE portion (2a) of the secure memory device (2), which information is representative for an application identification (AID) of a software application (6) to be started by the operating system of the mobile communication device (3).
EP09750221.5A 2008-05-19 2009-05-13 Nfc mobile communication device and nfc reader Active EP2279502B1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP08104008 2008-05-19
PCT/IB2009/051982 WO2009141764A2 (en) 2008-05-19 2009-05-13 Nfc mobile communication device and nfc reader
EP09750221.5A EP2279502B1 (en) 2008-05-19 2009-05-13 Nfc mobile communication device and nfc reader

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP09750221.5A EP2279502B1 (en) 2008-05-19 2009-05-13 Nfc mobile communication device and nfc reader

Publications (2)

Publication Number Publication Date
EP2279502A2 EP2279502A2 (en) 2011-02-02
EP2279502B1 true EP2279502B1 (en) 2016-01-27

Family

ID=41340628

Family Applications (1)

Application Number Title Priority Date Filing Date
EP09750221.5A Active EP2279502B1 (en) 2008-05-19 2009-05-13 Nfc mobile communication device and nfc reader

Country Status (4)

Country Link
US (2) US8862052B2 (en)
EP (1) EP2279502B1 (en)
CN (1) CN102037499B (en)
WO (1) WO2009141764A2 (en)

Families Citing this family (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8346210B2 (en) * 2009-02-27 2013-01-01 Nokia Corporation Method and apparatus for managing services using bearer tags
US9378498B2 (en) * 2009-11-20 2016-06-28 Feitian Technologies Co., Ltd Method for loading double e-wallets
US9143930B2 (en) * 2010-10-20 2015-09-22 Kwallet Gmbh Secure element for mobile network services
US8555067B2 (en) 2010-10-28 2013-10-08 Apple Inc. Methods and apparatus for delivering electronic identification components over a wireless network
TWI468943B (en) * 2010-11-03 2015-01-11 Apple Inc Methods and apparatus for access data recovery from a malfunctioning device
FR2968799B1 (en) * 2010-12-09 2013-01-11 Oberthur Technologies Method and device for execution control for internal functions and protected applications onboard in microcircuit cards for mobile terminals
US8807440B1 (en) 2010-12-17 2014-08-19 Google Inc. Routing secure element payment requests to an alternate application
US8335921B2 (en) * 2010-12-17 2012-12-18 Google, Inc. Writing application data to a secure element
US8352749B2 (en) 2010-12-17 2013-01-08 Google Inc. Local trusted services manager for a contactless smart card
US9727879B2 (en) * 2011-03-30 2017-08-08 Nokia Technologies Oy Method and apparatus for providing tag-based content installation
US9450759B2 (en) 2011-04-05 2016-09-20 Apple Inc. Apparatus and methods for controlling distribution of electronic access clients
US20120314865A1 (en) * 2011-06-07 2012-12-13 Broadcom Corporation NFC Communications Device for Setting Up Encrypted Email Communication
KR101372667B1 (en) * 2011-08-24 2014-03-11 주식회사 팬택 System and method for executing applications
US8171525B1 (en) 2011-09-15 2012-05-01 Google Inc. Enabling users to select between secure service providers using a central trusted service manager
US8255687B1 (en) 2011-09-15 2012-08-28 Google Inc. Enabling users to select between secure service providers using a key escrow service
US8313036B1 (en) 2011-09-16 2012-11-20 Google Inc. Secure application directory
GB2563173B (en) * 2011-12-01 2019-02-20 Qualcomm Technologies Int Ltd A near field communication equipped device
US8385553B1 (en) 2012-02-28 2013-02-26 Google Inc. Portable secure element
US8429409B1 (en) 2012-04-06 2013-04-23 Google Inc. Secure reset of personal and service provider information on mobile devices
EP2663106B1 (en) * 2012-05-08 2017-02-15 Nxp B.V. Secure near field communication solutions and circuits
KR101895220B1 (en) 2012-05-08 2018-09-07 삼성전자주식회사 Apparatus and method for selecting a secure element in a near field communication device
KR101421568B1 (en) * 2012-07-27 2014-07-22 주식회사 케이티 Smart card, device and method for smart card service
WO2014016695A2 (en) * 2012-07-27 2014-01-30 Assa Abloy Ab Presence-based credential updating
KR20140097832A (en) 2013-01-30 2014-08-07 주식회사 케이티 Device of generating and terminating a virtual card transferred to a physical card
KR20140103210A (en) 2013-02-14 2014-08-26 주식회사 케이티 Apparatus and method for setting a primary payment means
US9407329B2 (en) 2013-04-19 2016-08-02 Nxp B.V. Secure near field communication solutions and circuits
KR101754176B1 (en) 2013-07-26 2017-07-05 후아웨이 디바이스 컴퍼니 리미티드 Tag identification method and apparatus
US8904195B1 (en) 2013-08-21 2014-12-02 Citibank, N.A. Methods and systems for secure communications between client applications and secure elements in mobile devices
ITUD20130139A1 (en) 2013-10-28 2015-04-29 Rotas Italia S R L Application for a telecommunication device equipped with processor
US9439062B2 (en) 2014-05-30 2016-09-06 Apple Inc. Electronic subscriber identity module application identifier handling
US9451445B2 (en) * 2014-05-30 2016-09-20 Apple Inc. Electronic subscriber identity module selection
US9805183B2 (en) 2015-04-15 2017-10-31 Motorola Mobility Llc Utilizing radio frequency identification tags to display messages and notifications on peripheral devices
US20160307011A1 (en) 2015-04-15 2016-10-20 Motorola Mobility Llc Utilizing a radio frequency identification tag to control one or more operational states of a peripheral device
US9824203B2 (en) 2015-04-15 2017-11-21 Motorola Mobility Llc Utilizing a radio frequency identification tag to assess the battery level of a peripheral device
CN104915696B (en) * 2015-07-01 2017-10-27 浙江工业大学 A kind of NFC reading/writing methods based on Android platform
US20170261766A1 (en) * 2016-03-14 2017-09-14 Vance M. Thompson Contact lens with flexible center and rigid periphery

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6778834B2 (en) 2001-02-27 2004-08-17 Nokia Corporation Push content filtering
WO2005081087A1 (en) * 2004-02-25 2005-09-01 Accenture Global Services Gmbh Rfid protected media system and method that provides dynamic downloadable media
US8441338B2 (en) * 2004-02-25 2013-05-14 Accenture Global Services Limited RFID enabled media system and method
WO2005091182A2 (en) * 2004-03-19 2005-09-29 Roger Humbel Mobile telephone all in one remote key or software regulating card for radio bicycle locks, cars, houses, and rfid tags, with authorisation and payment function
US7126481B2 (en) * 2004-09-27 2006-10-24 Nokia Corporation Methods, systems, devices and computer program products for providing dynamic product information in short-range communication
US8238823B2 (en) 2005-02-09 2012-08-07 Nxp B.V. Method for ensuring a secure NFC functionality of a wireless mobile communication device and wireless mobile communication device having a secure NFC functionality
CN101479689A (en) * 2006-06-23 2009-07-08 Nxp股份有限公司 NFC enabled pointing with a mobile device
US8118218B2 (en) * 2006-09-24 2012-02-21 Rich House Global Technology Ltd. Method and apparatus for providing electronic purse
US7967215B2 (en) * 2008-04-18 2011-06-28 Vivotech Inc. Systems, methods, and computer program products for supporting multiple contactless applications using different security keys
CN102067184B (en) * 2008-06-24 2014-05-14 Nxp股份有限公司 Method of accessing applications in secure mobile environment

Also Published As

Publication number Publication date
WO2009141764A3 (en) 2010-04-22
EP2279502A2 (en) 2011-02-02
WO2009141764A2 (en) 2009-11-26
US9607192B2 (en) 2017-03-28
CN102037499A (en) 2011-04-27
US20150029003A1 (en) 2015-01-29
US20110053504A1 (en) 2011-03-03
CN102037499B (en) 2013-06-12
US8862052B2 (en) 2014-10-14

Similar Documents

Publication Publication Date Title
Hansmann et al. Smart card application development using Java
AU2010300674B2 (en) Mobile payment application architecture
EP2477431B1 (en) Protection of a security element coupled with an NFC circuit
US6233683B1 (en) System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card
JP5323187B2 (en) Application access method in a secure mobile environment
CA2820915C (en) Local trusted services manager for a contactless smart card
US9106632B2 (en) Provisioning by delivered items
CN103415874B (en) Writing application data to secure element
US7631810B2 (en) Systems, methods, and computer program products for supporting multiple applications and multiple instances of the same application on a wireless smart device
US9123041B2 (en) System and method for presentation of multiple NFC credentials during a single NFC transaction
KR100386154B1 (en) Data excange system comprising portable data processing units
CN101322424B (en) Method for issuer and chip specific diversification
US6328217B1 (en) Integrated circuit card with application history list
US7689826B2 (en) Flexibly loading a tamper resistant module
US20030024980A1 (en) System and method for flexibly loading an IC Card
US5898783A (en) System and method for employing a telecommunications network to remotely disable a SIM or smartcard
US6742120B1 (en) System and method for controlling access to computer code in an IC card
US20040199787A1 (en) Card device resource access control
JP3459649B2 (en) Data exchange system, including a portable data processing unit
AU2002350918B2 (en) Smartcard system
US9332060B2 (en) Methods, secure element, server, computer programs and computer program products for improved application management
US9608989B2 (en) Method, system, trusted service manager, service provider and memory element for managing access rights for trusted applications
TWI486772B (en) Security architecture for using host memory in the design of a secure element
US8646059B1 (en) Wallet application for interacting with a secure element application without a trusted server for authentication
CN101765846B (en) Mobile communication device and method for disabling applications

Legal Events

Date Code Title Description
AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent to:

Extension state: AL BA RS

17P Request for examination filed

Effective date: 20101220

DAX Request for extension of the european patent (to any country) (deleted)
REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 602009036016

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: G07F0007100000

Ipc: H04W0012060000

RIC1 Information provided on ipc code assigned before grant

Ipc: G06F 21/35 20130101ALI20150810BHEP

Ipc: G06F 21/79 20130101ALI20150810BHEP

Ipc: G06K 7/10 20060101ALI20150810BHEP

Ipc: G06Q 20/32 20120101ALI20150810BHEP

Ipc: H04L 29/06 20060101ALI20150810BHEP

Ipc: H04W 12/06 20090101AFI20150810BHEP

INTG Intention to grant announced

Effective date: 20150909

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 773186

Country of ref document: AT

Kind code of ref document: T

Effective date: 20160215

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602009036016

Country of ref document: DE

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 8

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

REG Reference to a national code

Ref country code: NL

Ref legal event code: MP

Effective date: 20160127

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 773186

Country of ref document: AT

Kind code of ref document: T

Effective date: 20160127

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160427

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160428

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160531

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160527

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160527

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602009036016

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160513

Ref country code: BE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

26N No opposition filed

Effective date: 20161028

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160531

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160531

REG Reference to a national code

Ref country code: IE

Ref legal event code: MM4A

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160427

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 9

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160513

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 10

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20090513

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: MK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160127

Ref country code: MT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160531

PGFP Annual fee paid to national office [announced from national office to epo]

Ref country code: DE

Payment date: 20190418

Year of fee payment: 11

PGFP Annual fee paid to national office [announced from national office to epo]

Ref country code: FR

Payment date: 20190419

Year of fee payment: 11

PGFP Annual fee paid to national office [announced from national office to epo]

Ref country code: GB

Payment date: 20190423

Year of fee payment: 11